Fortigate - Download and setup FortiClient VPN client

Once you have set up the Fortigate SSL-VPN, an IP and port can be found for users to log in to a web portal to download the FortiClient VPN client.

To find this IP and port navigate to VPN → SSL-VPN Settings, after logging into your FortiGate VDOM.

In these settings you will find an IP and port listed under “Listen on Interface(s)” and “Listen on Port”.

The IP has been redacted in this example, but will be located in the same place, with an IP unique to your Fortigate SSL-VPN.

Navigate to the IP and port to find a login screen.  Use the username and password that has been setup for the SSL VPN user attempting to connect to the VPN.

Once logged in to the web interface, select the “Download FortiClient” drop down box, and select the operating system that the client will be installed on.

Download and install the FortiClient application.  Once downloaded launch the FortiClient application.

Click “Configure VPN” in the FortiClient application.

Name the connection anything relevant to let you know that you are connecting to your firewall’s SSL-VPN.  

Ensure that the VPN selected is SSL-VPN.  

Add the IP address you used to log into the Web interface.

Tick the “Custom port” box, and add the port that was used to log into the web interface

Click Save

Select the VPN Name that was set up under “Connection Name” in the previous step.

Add the username and password that was used to log into the web interface

Click Connect

You will see the status increase in percentages as the client connects to the SSL-VPN

If the connection stops at 40%, check if it is asking you to accept the SSL certificate.  Click yes to accept the certificate.

Once connected, the SSL-VPN client will show the connection status.